What to do in the event of a cyber-attack?

Even the most secure organisation can fall victim to a cyber-attack.

With many high-profile businesses such as Ikea, Samsung, KP Snacks and Funky Pigeon who have been hit by cyber-attacks in the last year, businesses need to safeguard themselves from potential online cyber threats.

A cyberthreat report carried out by Cyber Edge Group identified that a record 86% of organisations suffered from a successful cyberattack in 2020/2021. The largest noted increase within the last six years. Organisations who have security measures in place need to monitor threats carefully and adjust their defences regularly.

According to an InsuranceBee survey, 83% of SMEs are not financially equipped to recover from a cyber-attack. With several businesses unaware of what to do in the event of a cyber-attack, we outline in this blog what measures businesses should take if they experience a cyber-attack.

What is a cyber-attack?

A cyber-attack is a deliberate attempt to gain access to unauthorised devices, files/ data, and networks, usually with malicious intent to cause harm. Examples of common cyber-attacks includes viruses, malware, phishing, ransomware, spyware and trojans.

Common reasons for cyber-attacks includes theft, fraud, extortion, and identity theft.

What to do after a cyber-attack?

In the event of a cyber-attack, we would advise businesses to do the following:

1. Confirm the breach

Contact your IT provider so that they can identify whether information has been compromised.

2. Identify the Type of Attack

Whether it’s a Virus, Phishing Scam, Malware, Ransomware attack, Spyware or Trojan, identifying what type and location of cyber-attack will help your cyber security specialist(s) with repairing the breach faster.

3. Contain the Cyber Security Breach

The first step you should take after a data breach is to determine which servers/ devices have been compromised and contain them as quickly as possible to ensure that other servers or devices won’t also be infected.

Below are a few immediate things you can do to attempt to contain a data breach.

• Disconnect your internet
• Disable remote access
• Maintain your firewall settings
• Change your passwords
• Install any outstanding security updates or patches

4. Assess and repair the security breach damage

It’s important to assess and repair any breach as quickly as possible. You’ll need to determine the cause of the breach within your specific business so that you can prevent the same kind of attack from happening again in the future.

5. Report the Attack

Once the attack has been contained, it’s essential to report the incident to Action Fraud.

If any data has been breached, then under GDPR businesses are required to contact the Information Commissioner’s Office (ICO).

6. Inform any Customers

Your customers need to be notified, especially if the attack has impacted any customer data. Work with your PR team to decide what is the best way to communicate this breach.

7. Educate your staff and create a business cyber security plan

Learn from this experience by putting security measures in place to reduce and limit any future cyber-attacks.

How to protect your business from a cyber-attack?

It’s crucial for businesses to have a cyber strategy in place to mitigate cyber-attacks and data breaches.

Businesses can protect themselves from a cyber-attack by noting the below tips;

PLAN

Plan ahead and create an effective business continuity plans. Review your own skills and knowledge and determine if you need outside help. Review any potential threats and risk which may affect your business.

RISK ASSESSMENT

Be aware of all the possible entry points and potential weaknesses by carrying out a Penetration Test and risk assessment which can identify any weak entry points to a system, network or website.

PREVENTION

Prevent, detect and respond to security threats. This includes installing antivirus on all systems and keeping your software and web browsers up to date.

BUILD RESILIENCE

Restrict staff and third-party access to your IT equipment, systems and information and use firewalls, proxies, access lists etc where necessary. Maintain an inventory of all IT equipment and software and identify a secure standard formation for all existing and future IT equipment used by your business.

STAFF AWARENESS TRAINING

Provide regular staff training around using technology securely. Sign employees up to Phishing simulations and advise staff to change passwords frequently, not to open attachments or click links within emails received from senders you do not recognise.

CYBER INSURANCE

In the event of a cyber-attack, Cyber insurance can help your organisation get back on its feet.

Under GDPR, businesses can be fined up to £17.5 million or 4% of the total annual worldwide turnover in the preceding financial year, whichever is greater for a data breach. We would strongly advise clients to create a cyber security strategy sooner rather than later.

Should you require any advice on how to safeguard your business from cyber-attacks, get in touch with our cyber security experts.